Last Updated: January 2026 | Effective Date: January 2026
In this Privacy Policy, the following defined terms shall have the meanings ascribed to them below. Any reference to the singular shall include the plural and vice versa, and any reference to one gender shall include all genders. Headings are for convenience only and shall not affect the interpretation of this Privacy Policy.
“Account” means any account, profile, or registration that you create, establish, or maintain with the Service, including but not limited to accounts created through direct registration, accounts created through Third-Party Authentication Providers, trial accounts, free accounts, paid subscription accounts, and any successor, replacement, or substitute accounts created in connection with your use of the Service.
“Affiliates” means, with respect to any entity, any other entity that directly or indirectly Controls, is Controlled by, or is under common Control with such entity, where “Control” means the ownership, directly or indirectly, of more than fifty percent (50%) of the voting securities or equivalent ownership interest of an entity, or the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract, or otherwise.
“Aggregated Data” means information that has been combined with data from multiple users in such a manner that no individual user can be identified, directly or indirectly, from such combined data, including but not limited to statistical analyses, trend reports, usage patterns, and performance metrics derived from the collective use of the Service.
“Anonymised Data” means Personal Data that has been processed in such a manner that the Data Subject is no longer identifiable, taking into account all the means reasonably likely to be used, either by the Company or by any other person, to identify that natural person, including but not limited to techniques such as data masking, pseudonymisation where the key has been irreversibly destroyed, and statistical aggregation.
“Applicable Data Protection Laws” means all laws, regulations, directives, and regulatory requirements relating to the processing of Personal Data as applicable to the Company and/or the Service from time to time, including but not limited to the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK General Data Protection Regulation as incorporated into UK law by the Data Protection Act 2018, the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (“CCPA/CPRA”), the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, and any other applicable data protection or privacy legislation in any jurisdiction in which the Service operates or is made available.
“Company,” “we,” “us,” or “our” means Honest Headlines Inc., a company incorporated and registered under the applicable laws of the relevant jurisdiction, together with its successors, assigns, Affiliates, and any parent company, subsidiary, or related entity.
“Cookies” means small text files, pixels, web beacons, clear GIFs, local storage objects, and similar tracking technologies that are placed on your device when you access or use the Service, which may be session-based (expiring when you close your browser) or persistent (remaining on your device until deleted or until they reach their expiration date).
“Data Controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data. For the purposes of this Privacy Policy, the Company is the Data Controller with respect to Personal Data collected through or in connection with the Service.
“Data Processor” means a natural or legal person, public authority, agency, or other body which Processes Personal Data on behalf of the Data Controller.
“Data Subject” means an identified or identifiable natural person to whom Personal Data relates; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
“Device” means any electronic device capable of accessing the Service, including but not limited to desktop computers, laptop computers, tablet computers, smartphones, smart televisions, wearable devices, and any other current or future device technology capable of accessing the Internet or running compatible software applications.
“Extension” means the Honest Headlines browser extension, plugin, add-on, or similar software component designed to integrate with web browsers, including but not limited to versions developed for Google Chrome, Mozilla Firefox, Microsoft Edge, Safari, Opera, Brave, and any other compatible browser platform, together with any updates, upgrades, modifications, or successor versions thereof.
“Personal Data” means any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
“Service” means, collectively and individually, the Honest Headlines browser Extension, the Honest Headlines website (including all subdomains), the Honest Headlines web application, dashboard, user portal, application programming interfaces (APIs), and any other products, features, tools, services, software, or platforms provided, operated, or made available by the Company, whether now existing or hereafter developed, including but not limited to headline analysis services, subscription management functionality, user account features, and any related documentation, support services, or communications.
“Third-Party Services” means any third-party services, platforms, applications, integrations, software, tools, or service providers that we may use to provide, maintain, improve, secure, analyse, or otherwise support the Service, including but not limited to payment processors, authentication providers, hosting services, database providers, content delivery networks, analytics services, artificial intelligence and machine learning processing services, email service providers, customer support platforms, monitoring and logging services, and other vendors, partners, contractors, or subprocessors.
“Usage Data” means data collected automatically through your use of the Service, including but not limited to the date and time of your access, the specific features and functionalities you interact with, the duration and frequency of your sessions, the pages and content you view, the actions you take within the Service, the type and configuration of Device you are using, your operating system type and version, your browser type and version, your screen resolution, your preferred language settings, referring and exit URLs, clickstream data, IP address, unique device identifiers, and any error logs, crash reports, or diagnostic information generated during your use of the Service.
“you” or “your” means the individual accessing or using the Service, or the company, organisation, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable, together with any authorised representatives, agents, employees, or users acting on behalf of such individual or entity.
This Privacy Policy (“Policy”) describes the practices, policies, and procedures of Honest Headlines Inc. (“Company,” “we,” “us,” or “our”) regarding the collection, use, storage, disclosure, transfer, and Processing of Personal Data and other information when you access, use, download, install, or otherwise interact with the Service. This Policy applies to all users of the Service, including but not limited to visitors, registered users, subscribers, trial users, and any other individuals or entities who access or use any aspect of the Service.
By accessing, using, downloading, installing, registering for, subscribing to, or otherwise interacting with the Service, you expressly acknowledge that you have read, understood, and agree to be bound by all terms and conditions set forth in this Privacy Policy, as it may be amended, modified, or updated from time to time in accordance with Section 15 below. If you do not agree with any provision of this Privacy Policy, you must not access or use the Service, and you must immediately cease all use of the Service and delete or remove any installed components of the Service from your Devices. Your continued use of the Service following the posting of any modifications or updates to this Privacy Policy shall constitute your binding acceptance of such modifications or updates.
This Privacy Policy should be read in conjunction with our Terms of Service, which are incorporated herein by reference, and any other policies, guidelines, or notices that may be referenced herein or made available through the Service. In the event of any conflict between this Privacy Policy and the Terms of Service, this Privacy Policy shall govern with respect to matters relating to privacy and data protection, and the Terms of Service shall govern with respect to all other matters.
For the purposes of Applicable Data Protection Laws, including but not limited to the GDPR, the UK GDPR, and any other applicable data protection legislation, the Data Controller responsible for the Processing of your Personal Data in connection with the Service is Honest Headlines Inc. As the Data Controller, the Company determines the purposes for which and the manner in which your Personal Data is Processed, and the Company is responsible for ensuring that such Processing complies with all Applicable Data Protection Laws.
For any enquiries, questions, concerns, or requests relating to data protection, privacy, or this Privacy Policy, including but not limited to requests to exercise your rights under Applicable Data Protection Laws, you may contact the Company at: support@honesthead.com. The Company shall use reasonable endeavours to respond to all such enquiries within the timeframes required by Applicable Data Protection Laws, and in any event within thirty (30) calendar days of receipt of your request.
We collect, receive, store, and Process various categories of information in connection with your access to and use of the Service. The specific information collected may vary depending on how you interact with the Service, the features and functionalities you use, the Device and browser you utilise, and other factors. The categories of information we collect include, but are not limited to, the following:
When you create, establish, register, or maintain an Account with the Service, or when you otherwise provide information to us in connection with your use of the Service, we collect Personal Data that you voluntarily provide, which may include but is not limited to: your full legal name, preferred display name, email address (including primary email address and any additional or backup email addresses), profile photograph or avatar, username, password or other authentication credentials, and any other information you choose to provide in connection with your Account. If you register or authenticate using a Third-Party Authentication Provider, such as Clerk, we may also receive and store information from such provider, including but not limited to your unique identifier with that provider, your profile information, and authentication tokens. This information is necessary for the performance of our contract with you, specifically to create and maintain your Account and to provide you with access to the Service and its features.
We automatically collect, receive, and store Usage Data pertaining to your interactions with the Service. This Usage Data includes, but is not limited to: the date and time of each access to the Service; the specific pages, features, tools, and functionalities you access, view, or interact with; the duration and frequency of your sessions; the sequence and pattern of your navigation through the Service; the content you submit, including but not limited to headlines submitted for analysis and any associated metadata; timestamps and records of analysis requests and their results; your subscription tier, plan type, and usage allocation; usage counts, including but not limited to the number of analyses performed, features utilised, and actions taken; clickstream data reflecting your interactions with user interface elements; and any preferences, settings, or configurations you establish within the Service. This Usage Data is Processed on the basis of our legitimate interests in operating, maintaining, improving, and optimising the Service, as well as for security monitoring, fraud prevention, and abuse detection purposes.
If you make a purchase, subscribe to a paid plan, or otherwise engage in a financial transaction through the Service, payment Processing is handled by our third-party payment processor, Stripe, Inc. We do not, at any time, directly collect, store, receive, access, or Process complete credit card numbers, debit card numbers, bank account numbers, security codes (CVV/CVC), or other sensitive payment credentials on our servers or systems. The information we receive and store in connection with payment transactions includes only: transaction identifiers and reference numbers; the last four digits of your payment card (for display and identification purposes only); card type and brand; billing address (to the extent required for fraud prevention and tax compliance); subscription and plan status, including active, cancelled, paused, or expired status; payment history, including dates and amounts of transactions; and metadata necessary for Account management, invoicing, and subscription renewal. You acknowledge and agree that your provision of payment information to Stripe is subject to Stripe’s own privacy policy and terms of service.
We automatically collect, receive, and store technical information pertaining to the Devices and systems you use to access the Service. This technical information includes, but is not limited to: your Internet Protocol (IP) address, which may be used to infer your approximate geographic location; unique device identifiers, including but not limited to advertising identifiers, hardware identifiers, and installation identifiers; the type, manufacturer, and model of your Device; your operating system type, version, and configuration; your browser type, version, and configuration; installed browser extensions and plugins (to the extent detectable); your screen size, resolution, and display settings; your preferred language and locale settings; your time zone; your network connection type; referring URLs and domains from which you accessed the Service; exit URLs and domains to which you navigate from the Service; and any error logs, crash reports, diagnostic data, and performance metrics generated during your use of the Service. This information is collected through standard web server logs, Cookies, and similar tracking technologies, and is used for purposes including but not limited to service delivery, security monitoring, performance optimisation, fraud prevention, and compliance with Applicable Data Protection Laws.
When you use the headline analysis features of the Service, we receive, Process, and may temporarily store the content you submit for analysis, including but not limited to: the text of headlines and article titles; the URLs or web addresses from which headlines are extracted or to which headlines relate; contextual information about the source or origin of headlines; and the results, outputs, and reports generated by our analysis services. This content is Processed for the purpose of providing the headline analysis service and may be used, in accordance with this Privacy Policy, to improve, train, and refine our analysis capabilities, subject to the anonymisation and aggregation practices described herein.
When you contact us, submit enquiries, request support, or otherwise communicate with the Company, we collect and store the contents of such communications, including but not limited to: the subject and body of emails; attachments and supporting documentation; your contact information; the date and time of communications; chat transcripts; support ticket contents and history; and any other information you voluntarily provide in connection with such communications. This information is used to respond to your enquiries, provide customer support, improve the Service, and maintain records of our interactions with you.
Pursuant to Article 6 of the GDPR and equivalent provisions of other Applicable Data Protection Laws, we Process your Personal Data only where we have a valid legal basis for doing so. The legal bases upon which we rely for our Processing activities include, but are not limited to, the following:
We use, Process, and otherwise handle the information we collect for various purposes, including but not limited to the following:
We retain your Personal Data for as long as is necessary to fulfil the purposes for which it was collected, including but not limited to the purpose of satisfying any legal, regulatory, tax, accounting, or reporting requirements. To determine the appropriate retention period for Personal Data, we consider various factors including, but not limited to: the nature, scope, and sensitivity of the Personal Data; the potential risk of harm from unauthorised use or disclosure; the purposes for which we Process the Personal Data; whether we can achieve those purposes through other means; and applicable legal, regulatory, and contractual requirements.
Personal Data associated with your Account is generally retained for as long as your Account remains active, or as otherwise needed to provide you with the Service. Analysis data, usage logs, and related information are retained for the duration of your active subscription period plus a reasonable additional period thereafter for backup, disaster recovery, audit, and legal compliance purposes. The specific retention periods for different categories of data may vary based on the nature of the data and applicable legal requirements.
Following termination, cancellation, or expiration of your Account, or upon your verified request for erasure of your Personal Data, we will delete or anonymise your Personal Data within a reasonable timeframe, which shall not exceed ninety (90) calendar days except where: (i) a longer retention period is required or permitted by Applicable Data Protection Laws or other legal requirements; (ii) retention is necessary for the establishment, exercise, or defence of legal claims; (iii) retention is necessary to protect the vital interests of a natural person; or (iv) retention is otherwise permitted under Applicable Data Protection Laws. Notwithstanding the foregoing, Aggregated Data and Anonymised Data may be retained indefinitely for statistical, analytical, research, and business purposes.
We do not, under any circumstances, for valuable consideration or otherwise, directly or indirectly, sell, rent, lease, license, trade, exchange, or otherwise transfer your Personal Data to third parties for their own independent commercial, marketing, or advertising purposes, except as explicitly set forth in this Section 8. We may disclose, share, or otherwise make available your Personal Data in the following circumstances and to the following categories of recipients:
We engage Third-Party Services to perform certain functions and provide certain services on our behalf. These service providers act as Data Processors and are contractually obligated to Process your Personal Data only as directed by us, to implement appropriate technical and organisational security measures, and to maintain the confidentiality of your Personal Data. Our Third-Party Services include, but are not limited to:
Each of these Third-Party Services maintains their own privacy policies, terms of service, and data processing agreements. We have entered into appropriate data processing agreements with these providers that include commitments regarding the security, confidentiality, and proper handling of Personal Data, as well as appropriate safeguards for any cross-border data transfers.
We may disclose your Personal Data where we believe, in good faith, that such disclosure is necessary or appropriate to: (i) comply with applicable laws, regulations, legal processes, or governmental requests, including but not limited to court orders, subpoenas, warrants, and regulatory enquiries; (ii) enforce or apply our Terms of Service, this Privacy Policy, or other agreements; (iii) protect the rights, property, safety, or legitimate interests of the Company, our users, or the public; (iv) investigate, prevent, or take action regarding suspected or actual illegal activities, fraud, security incidents, or technical issues; or (v) meet national security or law enforcement requirements.
In the event that the Company is involved in a merger, acquisition, consolidation, divestiture, dissolution, reorganisation, sale of all or a portion of its assets, bankruptcy, insolvency, or similar transaction or proceeding, whether actual or prospective, your Personal Data may be among the assets transferred, disclosed, or shared with the relevant parties. In such circumstances, we will use reasonable efforts to require that the recipient agrees to be bound by terms consistent with this Privacy Policy or to notify you of any material changes to the handling of your Personal Data.
We may disclose your Personal Data to third parties where you have provided your explicit prior consent to such disclosure for a specific purpose or purposes.
Subject to the conditions, limitations, and exemptions set forth in Applicable Data Protection Laws, you may have certain rights with respect to your Personal Data. These rights may include, but are not limited to:
To exercise any of these rights, please submit a verifiable request to us by contacting us at support@honesthead.com. We may require you to provide information necessary to verify your identity and ensure that you are entitled to exercise the requested right. We will respond to your request within the timeframes required by Applicable Data Protection Laws, and in any event within thirty (30) calendar days of receipt of your verifiable request, unless an extension is permitted under Applicable Data Protection Laws.
This Section 10 provides additional information required by the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (“CCPA/CPRA”) for residents of the State of California.
Categories of Personal Information Collected: In the preceding twelve (12) months, we have collected the categories of personal information described in Section 4 of this Privacy Policy, which may include identifiers, commercial information, internet or other electronic network activity information, geolocation data, and inferences drawn from any of the foregoing.
Sources of Personal Information: We obtain personal information from the sources described in Section 4, including directly from you, automatically as you use the Service, from Third-Party Services, and from publicly available sources.
Sale or Sharing of Personal Information: We do not, and have not in the preceding twelve (12) months, sold or shared personal information of California consumers for cross-context behavioural advertising purposes, as those terms are defined under the CCPA/CPRA.
Your California Privacy Rights: As a California resident, you may have the right to: (i) request that we disclose the categories and specific pieces of personal information we have collected about you; (ii) request that we delete the personal information we have collected about you; (iii) request that we correct inaccurate personal information we maintain about you; and (iv) opt out of the sale or sharing of your personal information. We will not discriminate against you for exercising any of your CCPA/CPRA rights.
We implement and maintain appropriate technical and organisational security measures designed to protect your Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored, or otherwise Processed. These measures include, but are not limited to: encryption of Personal Data in transit using Transport Layer Security (TLS) protocols; encryption of Personal Data at rest using industry-standard encryption algorithms; implementation of access controls and authentication mechanisms; regular security assessments, vulnerability scans, and penetration testing; employee training on data protection and information security; incident response and breach notification procedures; and physical and environmental security controls for our systems and infrastructure.
Notwithstanding the foregoing, you acknowledge and agree that no method of transmission over the Internet, method of electronic storage, or data security measure is one hundred percent (100%) secure, and we cannot and do not guarantee the absolute security of your Personal Data. We shall not be liable for any security incident, data breach, or unauthorised access that occurs despite our implementation of reasonable and appropriate security measures. You are responsible for maintaining the confidentiality of your Account credentials and for any activity that occurs under your Account.
Your Personal Data may be transferred to, stored in, and Processed in countries or territories outside of your country of residence, including but not limited to countries outside the European Economic Area (“EEA”), the United Kingdom, or other jurisdictions that may not provide the same level of data protection as your home jurisdiction. Specifically, our servers and Third-Party Services may be located in the United States of America and other jurisdictions.
Where we transfer Personal Data from the EEA, the United Kingdom, or Switzerland to countries that have not been deemed to provide an adequate level of data protection by the relevant regulatory authorities, we ensure that appropriate transfer mechanisms and safeguards are in place, including but not limited to: the execution of Standard Contractual Clauses (“SCCs”) approved by the European Commission or the UK Information Commissioner’s Office, as applicable; reliance on adequacy decisions where applicable; binding corporate rules where applicable; and supplementary measures where necessary to address any residual risks.
By using the Service, you acknowledge and agree that your Personal Data may be transferred to and Processed in jurisdictions outside your country of residence, subject to the safeguards described herein. You may request a copy of the applicable transfer mechanism by contacting us at the contact details provided in Section 16.
We use Cookies and similar tracking technologies to collect and store information when you use the Service. The types of Cookies we may use include, but are not limited to:
You may control and manage Cookies through your browser settings. Most browsers allow you to refuse to accept Cookies or to delete Cookies already stored on your Device. Please note that if you disable or refuse Cookies, some parts of the Service may become inaccessible or not function properly.
The Service is not intended for, directed to, or designed to attract children under the age of sixteen (16) years, or under the applicable age of majority in your jurisdiction if that age is higher (“Minors”). We do not knowingly collect, solicit, receive, or store Personal Data from Minors. If we become aware that we have collected Personal Data from a Minor without verification of parental or guardian consent, we will take steps to delete such information from our servers and systems as promptly as practicable. If you believe that we may have any Personal Data from or about a Minor, please contact us at support@honesthead.com.
We reserve the right, in our sole discretion, to modify, amend, revise, or update this Privacy Policy at any time without prior notice to you. Any modifications or updates will be effective immediately upon posting on this page and updating the “Last Updated” date at the top of this Privacy Policy. We may, but are not obligated to, provide you with additional notice of material changes, such as by sending an email to the email address associated with your Account or by displaying a prominent notice within the Service.
Your continued access to or use of the Service following the posting of any modifications or updates to this Privacy Policy shall constitute your binding acknowledgement and acceptance of such modifications or updates. We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information. If you do not agree with any modifications to this Privacy Policy, you must discontinue your use of the Service.
If you have any questions, concerns, comments, or complaints regarding this Privacy Policy, our data practices, or if you wish to exercise any of your rights under Applicable Data Protection Laws, please contact us using the following information:
Honest Headlines Inc.
Email: support@honesthead.com
We will use reasonable endeavours to respond to all legitimate enquiries within the timeframes required by Applicable Data Protection Laws, and in any event within thirty (30) calendar days.
If you are located in the EEA or the United Kingdom and believe that we have not adequately addressed your concerns or that our Processing of your Personal Data infringes Applicable Data Protection Laws, you have the right to lodge a complaint with your local data protection supervisory authority.
If any provision of this Privacy Policy is held to be invalid, illegal, void, or unenforceable by a court of competent jurisdiction, such invalidity, illegality, or unenforceability shall not affect any other provision of this Privacy Policy, and this Privacy Policy shall be construed as if such invalid, illegal, or unenforceable provision had not been contained herein. In such event, the parties shall use reasonable efforts to agree upon a valid and enforceable provision that is a reasonable substitute therefor, and upon so agreeing, shall incorporate such substitute provision into this Privacy Policy.
This Privacy Policy, together with the Terms of Service and any other documents, policies, or agreements incorporated herein by reference, constitutes the entire agreement between you and the Company with respect to the subject matter hereof and supersedes all prior or contemporaneous communications, representations, agreements, or understandings, whether oral or written, with respect to such subject matter.